Snoopy is a tiny library that logs all executed commands (+ arguments) on your system.
The easiest way to start using Snoopy is to execute the following command (as root):
wget -q -O - https://github.com/a2o/snoopy/raw/master/bin/snoopy-install.sh | sh
That is it. Detailed installation instructions are available here: doc/INSTALL.md
This is what typical Snoopy output looks like:
2015-02-11T19:05:10+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679 tty:/dev/pts/2 cwd:/root filename:/usr/bin/cat]: cat /etc/fstab.BAK
2015-02-11T19:05:15+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679 tty:/dev/pts/2 cwd:/root filename:/usr/bin/rm]: rm -f /etc/fstab.BAK
2015-02-11T19:05:19+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679 tty:/dev/pts/2 cwd:/root filename:/usr/bin/tail]: tail -f /var/log/messages
These are default output locations on various Linux distributions:
- CentOS: /var/log/secure
- Debian: /var/log/auth.log
- Ubuntu: /var/log/auth.log
- others: /var/log/messages (potentially, not necessarily)
For actual output destination check your syslog configuration.
Most parts of Snoopy are/can be/should be configured at build time.
However, since version 2.0.0 Snoopy supports optional configuration file. Snoopy's automated installation procedure enables configuration file support by default. Configuration file path is /etc/snoopy.ini.
For additional information consult comments in default configuration file etc/snoopy.ini and read appropriate sections of doc/INSTALL.md.
Only latest released version of Snoopy is supported! Any version that is not the latest is not supported. Please do not submit any bugfix/feature/change requests related to old and unsupported Snoopy versions.
- You should consult FAQ first: doc/FAQ.md
- Then you should search the Snoopy issue tracker: https://github.com/a2o/snoopy/issues
- Then google your issue up.
- If the problem persist up to this point, create a new issue:)
Development is currently located at the following URI: http://github.com/a2o/snoopy/
Snoopy Logger was originally created by: marius@umich.edu mbm@linux.com
Snoopy is currently maintained by: Bostjan Skufca, bostjan@a2o.si
List of contributors is available at the following locations:
- in the Snoopy's ChangeLog file;
- in the list of pull requests on GitHub.